From Fedora Project Wiki

Switching Cyrus Sasl from BerkeleyDB to GDBM

Summary

cyrus-sasl package was built with libdb requirement, now it is replaced by gdbm.

Owner


Current status

Detailed Description

This change switches the default backend Key-Value DB used by sasldb plugin from BerkeleyDB to GDBM and provides a migration tool for automatic conversion from old to new format.

Feedback

Benefit to Fedora

According to more restrictive libdb licence policy exists effort to remove libdb's dependencies. cyrus-sasl package can now be built without libdb requirement.


Scope

  • Proposal owners:
  • Other developers:

The owners of the packages depending on cyrus-sasl sasldb plugin should provide the documentation about the migration procedure.

  • Release engineering: [1]
  • Policies and guidelines: not needed for this Change
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives:

Upgrade/compatibility impact

The migration script should be used to upgrade the particular databases used by specific applications via sasldb plugin


How To Test

  • Install the new version of the cyrus-sasl.
  • Use the migration tool bdb2current provided by the package to migrate your sasldb file
  • update the configuration file to point on the new sasldb file
  • restart the application if necessary
  • Check that auth is still working


User Experience

Dependencies

A lot of application use cyrus-sasl sasldb plugins. Their maintainers were notified via email and some of them have responded.

  • 389-ds-base
  • 389-ds-base-libs
  • argus
  • argus-clients
  • autofs
  • cyrus-imapd
  • cyrus-sasl
  • ekiga
  • exim
  • gvnc
  • inn
  • isync
  • kdebase3-pim-ioslaves
  • kdepim-runtime-libs
  • kdepimlibs
  • kf5-kimap
  • kf5-kldap
  • kf5-ksmtp
  • kf5-libksieve
  • libetpan
  • libmemcached-libs
  • libpurple
  • librdkafka
  • libvirt-daemon
  • lua-cyrussasl
  • mail-notification
  • memcached
  • mongo-c-driver-libs
  • mozldap
  • mutt
  • myproxy-libs
  • nmh
  • openldap
  • openldap-clients
  • openldap-servers
  • pcp-libs
  • perl-Cyrus
  • php-ldap
  • php-pecl-memcached
  • postfix
  • ptlib
  • python3-qpid-proton
  • python3-subversion
  • qca-cyrus-sasl
  • qca-qt5-cyrus-sasl
  • qemu-system*
  • qpid-proton-c
  • sendmail
  • spice-glib
  • spice-server
  • squid
  • sssd-ad
  • subversion-libs
  • subversion-ruby
  • znc

The owners of the packages are recommended to create a sasldb base using the new version of cyrus-sasl and check that auth works normally for them. Also it would be useful to check that a migration tool works well for the existing base

Contingency Plan

  • Contingency mechanism: Revert the shipped configuration
  • Contingency deadline: F35 branch date (2021-08-10)
  • Blocks release? Yes

Documentation

Here is the notification sent to known developers of the depending packages:

New version of the cyrus-sasl is planned to use the gdbm database for the sasldb plugins.

I've implemented the patch (https://src.fedoraproject.org/rpms/cyrus-sasl/pull-request/3#request_diff) changing the default DB and implementing the migration tool to make the switching from BerkeleyDB to GDBM seamless.

I kindly ask you to check the information in the following spreadsheet: https://docs.google.com/spreadsheets/d/1z5eTSm3rtlKtEKPCxhI_wE861Xzg8kbvINWixSwQmLg/edit?usp=sharing:

whether your package is affected by the proposed change whether the migration tool is suitable for your purposes

and let me know or mark the results in the table

Release Notes

a new version of the cyrus-sasl package is landing in rawhide.

This version changes the database used to store saslauthdb data. This is part of the move to deprecate use of Berkley DB. The new package will use GDBM instead.

We provided a tool to perform migrations for database should that be needed by a package:

The syntax of the migration tool is cyrusbdb2current <sasldb path> <new_path>

Please check whether your packages use the sasldb plugin and provide a relevant migration guideline.